Microsoft warns Windows PCs also vulnerable to ‘Freak’ attacks

Hundreds of millions of Windows PC users are vulnerable to attacks exploiting the recently uncovered “Freak” security vulnerability, which was initially believed to only threaten mobile devices and Mac computers, Microsoft Corp warned. If hackers successfully exploit “Freak”, which stands for Factoring RSA-EXPORT Keys, they could spy on communications as well as infect PCs with malicious software. Security experts said the vulnerability was relatively difficult to exploit because hackers would need to use hours of computer time to crack the encryption before launching an attack.

I don’t think this is a terribly big issue, but only because you have to have many ducks in a row.

Ivan Ristic, director of engineering for cybersecurity firm Qualys Inc.

Microsoft advised system administrators to employ a workaround to disable settings on Windows servers that allow use of the weaker encryption. It said it was investigating the threat and had not yet developed a security update that would automatically protect Windows PC users from the threat. Apple said it had developed a software update to address the vulnerability, which would be pushed out to customers next week. Google said it had also developed a patch, which it provided to partners that make and distribute Android devices.